Mageia 7 MGASA-2020-0159 Moderate: Librsvg Denial Of Service

mageia

April 5, 2020

The updated packages fix a security vulnerability: In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the...

Summary

The updated packages fix a security vulnerability:
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially. (CVE-2019-20446)

References

- https://bugs.mageia.org/show_bug.cgi?id=26313

- http://lists.suse.com/pipermail/sle-security-updates/2020-March/006583.html

- - https://www.cve.org/CVERecord?id=CVE-2019-20446

Topics Covered

security advisory denial of service security issue librsvg Mageia

Resolution

SRPMS

- 7/core/librsvg-2.45.5-3.1.mga7

Publication date: 05 Apr 2020

URL: https://advisories.mageia.org/MGASA-2020-0159.html

Type: security

CVE: CVE-2019-20446

Topics Covered

security advisory denial of service security issue librsvg Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 7 MGASA-2020-0159 Moderate: Librsvg Denial Of Service

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 7 MGASA-2020-0159 Moderate: Librsvg Denial Of Service

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!